*** DocScrutinizer51 has quit IRC | 00:06 | |
*** _nicolai_ has joined #maemo-ssu | 00:12 | |
*** Vlad_on_the_road has quit IRC | 00:13 | |
*** DocScrutinizer51 has joined #maemo-ssu | 00:15 | |
*** robotanarchy has quit IRC | 00:20 | |
*** sunny_s has quit IRC | 00:21 | |
*** robotanarchy has joined #maemo-ssu | 00:21 | |
*** sunny_s has joined #maemo-ssu | 00:41 | |
*** RST38h has joined #maemo-ssu | 00:58 | |
*** xes has quit IRC | 01:08 | |
*** Martix_ has joined #maemo-ssu | 01:13 | |
*** _rd has quit IRC | 01:16 | |
*** _rd has joined #maemo-ssu | 01:19 | |
*** _nicolai_ has quit IRC | 01:25 | |
*** _rd has quit IRC | 01:26 | |
*** _rd has joined #maemo-ssu | 01:29 | |
*** Martix_ has quit IRC | 01:29 | |
*** jonwil has joined #maemo-ssu | 01:29 | |
*** _rd has quit IRC | 01:46 | |
*** LauRoman has quit IRC | 02:20 | |
*** liambeeblebrox has joined #maemo-ssu | 02:26 | |
*** sarha has quit IRC | 02:47 | |
*** XDS2010_ has quit IRC | 02:47 | |
*** ototo has quit IRC | 02:47 | |
*** RST38h has quit IRC | 02:47 | |
*** psycho_oreos has quit IRC | 02:47 | |
*** peetah has quit IRC | 02:47 | |
*** chainsawbike has quit IRC | 02:47 | |
*** gggs has quit IRC | 02:47 | |
*** DocScrutinizer51 has quit IRC | 02:47 | |
*** dos1 has quit IRC | 02:47 | |
*** lrtz has quit IRC | 02:47 | |
*** T_X_ has quit IRC | 02:47 | |
*** ototo has joined #maemo-ssu | 02:47 | |
*** ototo has quit IRC | 02:47 | |
*** ototo has joined #maemo-ssu | 02:47 | |
*** T_X_ has joined #maemo-ssu | 02:54 | |
*** lrtz has joined #maemo-ssu | 02:54 | |
*** DocScrutinizer51 has joined #maemo-ssu | 02:54 | |
*** XDS2010_ has joined #maemo-ssu | 02:54 | |
*** sarha has joined #maemo-ssu | 02:54 | |
*** RST38h has joined #maemo-ssu | 02:54 | |
*** peetah has joined #maemo-ssu | 02:54 | |
*** gggs has joined #maemo-ssu | 02:54 | |
*** psycho_oreos has joined #maemo-ssu | 02:54 | |
*** chainsawbike has joined #maemo-ssu | 02:54 | |
*** M4rtinK has quit IRC | 03:14 | |
*** liambeeblebrox has quit IRC | 03:47 | |
*** nox- has quit IRC | 04:45 | |
*** amiconn has quit IRC | 05:49 | |
*** amiconn_ has joined #maemo-ssu | 05:49 | |
*** amiconn_ is now known as amiconn | 05:49 | |
*** n900-dk has quit IRC | 06:09 | |
*** n900-dk has joined #maemo-ssu | 06:18 | |
*** int_ua has joined #maemo-ssu | 07:33 | |
*** oldtopman has quit IRC | 08:11 | |
*** LauRoman has joined #maemo-ssu | 08:55 | |
*** Martix_ has joined #maemo-ssu | 09:32 | |
*** luf has joined #maemo-ssu | 09:46 | |
*** Pali has joined #maemo-ssu | 09:49 | |
*** dos1 has joined #maemo-ssu | 10:11 | |
*** amiconn has quit IRC | 10:15 | |
*** dos1 has quit IRC | 10:19 | |
*** amiconn has joined #maemo-ssu | 10:21 | |
*** LauRoman has quit IRC | 10:35 | |
*** Martix_ has quit IRC | 10:51 | |
*** dos1 has joined #maemo-ssu | 12:27 | |
*** arcean has joined #maemo-ssu | 12:35 | |
*** int_ua has quit IRC | 13:05 | |
*** Martix_ has joined #maemo-ssu | 13:11 | |
*** lizardo has joined #maemo-ssu | 13:27 | |
*** Pali has quit IRC | 13:33 | |
*** Martix_ has quit IRC | 14:39 | |
*** sunny_s has joined #maemo-ssu | 14:46 | |
*** arcean has quit IRC | 15:03 | |
*** mkaindl has joined #maemo-ssu | 15:08 | |
*** mkaindl has left #maemo-ssu | 15:10 | |
*** arcean has joined #maemo-ssu | 15:12 | |
*** lizardo has quit IRC | 15:23 | |
*** lizardo has joined #maemo-ssu | 15:26 | |
*** aap has quit IRC | 15:45 | |
*** Pali has joined #maemo-ssu | 16:46 | |
*** arcean_ has joined #maemo-ssu | 16:49 | |
*** arcean has quit IRC | 16:51 | |
FatPhil | Where's the best place for bug reports? | 16:52 |
---|---|---|
FatPhil | Had some graphical issues with BT pairing UI (and here you say "but we don't have the source to that, ur skroooood") | 16:52 |
Pali | bugs.maemo.org | 16:54 |
*** jonwil has quit IRC | 16:55 | |
FatPhil | Not sure which component is to blame - it's a compositor problem (the pairing popup is blurred). Is that a compositor issue, or... | 16:57 |
*** Martix_ has joined #maemo-ssu | 16:58 | |
FatPhil | PAli: is there no single sign on across the sites? bugs.m.o doesn't recognise me | 17:01 |
*** M13 has joined #maemo-ssu | 17:01 | |
*** Martix_ has quit IRC | 17:05 | |
*** Martix_ has joined #maemo-ssu | 17:05 | |
Pali | garage, bmo and tmo have separate accounts | 17:19 |
DocScrutinizer05 | sign on in garage is via your mail account as "nick" | 17:28 |
DocScrutinizer05 | s/garage/bmo/ | 17:28 |
infobot | DocScrutinizer05 meant: sign on in bmo is via your mail account as "nick" | 17:28 |
DocScrutinizer05 | SSO never got implemented, though long pending and planned | 17:29 |
FatPhil | yup, signed up | 17:31 |
DocScrutinizer05 | :-) | 17:51 |
DocScrutinizer05 | on a general heads-up: malware on your router? http://www.heise.de/ct/artikel/Aufstand-der-Router-1960334.html | 17:53 |
DocScrutinizer05 | that's pretty BAD[TM] and I'm amazed it didn't make it to the general news yet | 17:53 |
FatPhil | malware on your hard disk is possible too | 17:54 |
FatPhil | malware on your SD+WiFi card is possible too | 17:54 |
DocScrutinizer05 | but your HD is usually not executing it | 17:55 |
DocScrutinizer05 | and even if it were executing it, it's still not exactly simple to inject general purpose malware into the system via the HDD | 17:55 |
FatPhil | Nope, I mean your HD could be running an infected kernel | 17:56 |
DocScrutinizer05 | your router though can run arbitrary sniffers on *all* the traffic not only from your LAN to internet but *also* on your LAN as well, and send all that stuff to arbitrary public servers | 17:57 |
FatPhil | http://hackaday.com/2013/08/02/sprite_tm-ohm2013-talk-hacking-hard-drive-controller-chips/ | 17:57 |
FatPhil | which points to http://spritesmods.com/?art=hddhack | 17:57 |
DocScrutinizer05 | I know that article | 17:58 |
DocScrutinizer05 | it's clearly elaborating on how hard it would be to draft an attack on a wide range of targets concurrently | 17:59 |
DocScrutinizer05 | friggin linksys routers are vulnerable via internet | 17:59 |
DocScrutinizer05 | and once compromised/rooted they can siff on *all* your network traffic | 17:59 |
DocScrutinizer05 | this is kinda worse than the windows worms that used dunno port139 or whatever, to propagate without user "support" | 18:00 |
DocScrutinizer05 | c't mag calls it a router-botnet, and heck it IS | 18:02 |
DocScrutinizer05 | and a botnet way worse than any windoze based botnet | 18:02 |
DocScrutinizer05 | since it has full control over all ypour local machines' traffic as well as your traffic and link to the internet | 18:03 |
DocScrutinizer05 | and you can't fight it by any of the usual antivir means | 18:03 |
DocScrutinizer05 | not even detect it | 18:03 |
FatPhil | What's the infection vector? Google translate mentions a web browser, but it's a bit mangled | 18:04 |
DocScrutinizer05 | aiui the vector is a hmtl page used in the dd-wrt config UI, that usually is not supposed to get exposed to global internet, but will allow privilege escalation to everybody when you set router to "remote config allowed" | 18:06 |
*** NIN101 has joined #maemo-ssu | 18:06 | |
DocScrutinizer05 | of course any virus mail opened in LAN will as well be able to exploit that vector even when no remote config allowed | 18:06 |
FatPhil | Publicly-visible admin page = turn around, trousers down... | 18:06 |
FatPhil | true | 18:06 |
DocScrutinizer05 | sure | 18:06 |
DocScrutinizer05 | that's not limited to admin pages aiui | 18:07 |
DocScrutinizer05 | there are as well status pages that are not allowed to do any config | 18:07 |
FatPhil | Well, false. As mail is a sequence of (preferably) text characters, which is never executed | 18:07 |
DocScrutinizer05 | unless your software house sits in Redmond | 18:07 |
DocScrutinizer05 | and your mail client looks out | 18:08 |
FatPhil | ANyone executing code in an email basically has their head in a bag and their legs in the air | 18:08 |
DocScrutinizer05 | sure, *I* know that, and we both know there's legion of those users | 18:08 |
DocScrutinizer05 | html mail with external href= | 18:10 |
DocScrutinizer05 | damage done | 18:10 |
FatPhil | YEah, and their machines are sending my mail server about 50000+ mails per day :-( | 18:10 |
FatPhil | SO I do have some interest in wiping them out. | 18:10 |
DocScrutinizer05 | anyway that dd-wrt vulnerabilities are pretty nasty and not at all related to Redmond | 18:11 |
DocScrutinizer05 | I just checked for my router and it turns out the most recent available firmware is 2009-10-10 | 18:12 |
FatPhil | Rather disappointing that a 4 year old exploit is still open | 18:12 |
DocScrutinizer05 | yep | 18:12 |
FatPhil | Presumably you can just log in and change the apache conf files? | 18:12 |
DocScrutinizer05 | yep, I can, but mine isn't vulnerable | 18:13 |
DocScrutinizer05 | at least not in the exposed IP | 18:13 |
* FatPhil 's never liked web configuration interfaces anyway. SSH in, edit a config file, and HUP | 18:13 | |
DocScrutinizer05 | eventually I gonna check how to fix any possible LAN vulnerability | 18:14 |
DocScrutinizer05 | ack | 18:14 |
*** discopig has quit IRC | 18:14 | |
*** Martix_ has quit IRC | 18:17 | |
*** Martix has joined #maemo-ssu | 18:19 | |
*** dos1 has quit IRC | 18:23 | |
freemangordon | yay!!! https://lkml.org/lkml/2013/9/24/316 | 18:34 |
*** Martix has quit IRC | 18:43 | |
*** Martix has joined #maemo-ssu | 19:00 | |
FatPhil | That TI licence is the worst-written English I've ever seen. It's barely parseable, and utterly unenforceable. | 19:01 |
*** Martix has quit IRC | 19:11 | |
*** dos1 has joined #maemo-ssu | 19:16 | |
kerio | DocScrutinizer05: i'm getting more and more convinced that dd-wrt is a piece of crap :v | 19:21 |
kerio | my router crashes all the time | 19:21 |
*** Martix has joined #maemo-ssu | 19:48 | |
*** Martix_ has joined #maemo-ssu | 19:49 | |
*** Martix has quit IRC | 19:53 | |
*** mkaindl has joined #maemo-ssu | 20:08 | |
*** xes has joined #maemo-ssu | 20:09 | |
*** Martix_ has quit IRC | 20:20 | |
*** mkaindl has quit IRC | 20:23 | |
*** freemangordon_ has joined #maemo-ssu | 20:26 | |
*** freemangordon has quit IRC | 20:26 | |
*** Pali has quit IRC | 20:53 | |
*** Pali has joined #maemo-ssu | 20:57 | |
*** M4rtinK has joined #maemo-ssu | 21:03 | |
*** LauRoman has joined #maemo-ssu | 21:04 | |
*** mkaindl has joined #maemo-ssu | 21:14 | |
*** mkaindl has quit IRC | 21:15 | |
*** mkaindl has joined #maemo-ssu | 21:18 | |
*** discopig has joined #maemo-ssu | 21:46 | |
*** M13 has quit IRC | 22:14 | |
*** mkaindl has quit IRC | 23:01 | |
*** arcean_ has quit IRC | 23:04 | |
*** kerio has quit IRC | 23:12 | |
*** kerio has joined #maemo-ssu | 23:13 | |
*** xes has quit IRC | 23:14 | |
*** sunny_s has quit IRC | 23:26 | |
*** xes has joined #maemo-ssu | 23:26 |
Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!